Further to the news that the Belgian ministry of transport has ordered an investigation into alleged criminal data protection breaches after EU motorists received ULEZ fines by an agent acting for TfL, Kingsley Hayes, Head of Data and Privacy Litigation at Keller Postman UK has shared his thoughts. Kingsley Hayes said in a statement:
“The Belgian Ministry for Transport has taken issue with alleged criminal breaches of data rules from a collection agent acting for Transport for London. The investigation they have ordered promises to scrutinise these data handling practices which should in theory adhere to broader, Europe-wide data protection legislation such as GDPR.
“It will be interesting to see what this investigation uncovers, particularly as it appears that the tenuous approach to rely upon regulation 27 (1) (e) of the 2002 Road Vehicle (registration and licensing) regulations as the basis for bypassing personal data protections is going to come under heavy scrutiny for both the DVLA and the ICO.
“The tenuous bypass in regulation 27 (1) (e) of the 2002 Road Vehicle (registration and licensing) regulations that operators in this space have been exploiting to skirt data privacy laws may well prove to be illegitimate. If that’s the case, the data handling responsibilities set by that precedent could totally upend these companies’ business models.”